Banks Will Need New Cybersecurity Muscles to Protect Consumers in the Metaverse
Banks #Banks
By Kevin Gosschalk, Founder and CEO, Arkose Labs
A few banks have started to plough ground in the metaverse. But are banks aware of how consumer security would play out in the metaverse? Is there something they can learn from their gaming peers in digital account security? Read on to learn more
Given the monetization potential of consumers’ fintech accounts, attackers are training their focus on metaverse pioneers in the finance sector. New research shows attacks targeting metaverse pioneers increased 40% in Q1 2022 over Q4 2021. And the top threats in the metaverse are scams, microtransaction abuse, and unfair play – attack types that banks typically don’t encounter in today’s physical and digital worlds.
When compared with the attacks that banks are currently fighting – such as account takeover attacks, application fraud, and so forth – they will need to exercise new cybersecurity muscles to operate and protect their consumers’ avatar identities in the metaverse. Fortunately, banks need not reinvent the wheel – they can learn from the experience of gaming companies, the original pioneers of metaverse worlds.
Attacks on gaming companies in the metaverse
Gaming companies in the metaverse are up against Master Fraudsters. These attackers are the most sophisticated and use multiple tools to attack consumers and bypass defenses. Along with weaponizing bots, Master Fraudsters are using human fraud farms to appear legitimate and abuse the communication channels of the target companies.
Gaming platforms in the metaverse deal with synthetic accounts and use of bots and animation to scale up the currency earnings. For instance, using automation, an attacker may launch 100,000 attacks. Even if the company blocks 90,000 of them, 10,000 still get through. Of these, even if 500 were successful, the attacker can reap enormous profits.
Usually, players on a gaming platform can use the rewards earned while playing games to trade or buy money for real-money trading. When attackers exploit the gaming environment, they create synthetic accounts and use bots to accumulate the currency in no time. They then sell this currency to other players to help them gain unfair advantage over the others.
Another type of attack is on NFTs. In case of NFTs – limited single-purchase-only digital goods – the value increases over a period of time as it becomes rare. Attackers try to amass the best NFTs using bots and scripts much like sneaker fraud or ticket resale fraud, to resell later at a premium.
Benefit from the experience of gaming companies
Banks can benefit from the experience of their peers in gaming to strengthen their own security posture and protect consumers. They can take the following steps to level up their security in the metaverse:
Catch the attackers in their tracks
To catch the attackers early in their tracks, banks will require deeper insights and intel into attacker tactics and financial motivations. They can use smart fraud prevention solutions that leverage advanced technologies such as machine learning, behavioral biometrics, digital device intelligence, IP intelligence, and so forth.
For long-term protection against Master Fraudsters in the metaverse, banks require familiarity with the financial motivations of the attackers. They must adopt a defense-in-depth approach that erodes profitability of attacks to such an extent that the attack no longer remains economically attractive and forces the attacker to move on to an unprotected target.
About Arkose Labs:
Arkose Labs bankrupts the business model of fraud. Recognized by Gartner as a “Cool Vendor in Fraud and Authentication,” the company offers an industry-first warranty on account protection. Its AI-powered platform combines powerful risk assessments with dynamic attack response that undermines the ROI behind attacks, while improving good user throughput. Based in San Francisco, CA with offices in Brisbane, Australia and London, UK, the company was honored as the 195th fastest growing companies in the United States on the 2021 Inc. 5000 list. Arkose Labs – Fraud and Abuse Prevention Platform